[e2e] A simple scenario. (Basically the reason for the sliding window thread ; -))
Joe Touch
touch at ISI.EDU
Tue Jan 16 09:05:40 PST 2007
Detlef Bosau wrote:
> Joe Touch wrote:
>> PS - this could also happen within a single CWND, e.g., if the network
>> path temporarily shifts around the TCP-splitter. It doesn't require an
>> entire window wrap to occur.
>>
>> Joe
>>
>>
>
> Two remarks.
>
> First.
>
> The only scenrios where I see a justification / necessity for doing
> splitting or spoofing are scenarios where the TCP flow must pass the
> split box / spoofing box / PEP anyway. These are scenarios without path
> redundancy or path transparency.
Why are you so confident about the path, when you cannot control whether
there is a PEP/spoofing box in it?
...
> To be not misunderstood: I don´t want to make restrictions for the
> benefit of a splitter. I think in scenarios where an alternative path to
> a splitter exist, a splitter must not be used.
Either the use of splitters is under your control or it is not.
If it is, then there are a number of reasons to remove them, alternate
paths are just one.
If it is not, then you cannot make assumptions about the path.
> In my opinion splitters
> are to be used with maximum care and only in exceptional cases where any
> known alternative is worse than a splitter.
It would be interesting if you could explain a sample case. IMO,
splitters just lie - they lie about being an endpoint they are not.
Either you are lying to yourself (you own the endpoint you're lying to)
or you're lying to others. The first is silly - just install a true
application proxy - and the second is YOU making a decision for ME about
what's more important. If I don't want to talk to a true proxy, you have
no business tricking me into thinking I'm not.
> Second.
>
> To my understanding we can avoid wrap around problems by having the
> receiver window sufficiently small....
As I said, there are other cases where the splitter comes/goes, either
because it is unreliable or due to multipath, that can cause silent data
errors too.
You can't know whether that will happen; all you DO know is that you'll
mess up the data to the receiver. If you own the receiver, that's your
decision. If not, then you're silently breaking TCP semantics.
That's not worth any alternative.
Joe
--
----------------------------------------
Joe Touch
Sr. Network Engineer, USAF TSAT Space Segment
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://mailman.postel.org/pipermail/end2end-interest/attachments/20070116/28c32421/signature.bin
More information about the end2end-interest
mailing list